John has consulted and taught hundreds of organizations in the areas of cybersecurity, regulatory compliance, and penetration testing. John is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks. He is also an experienced speaker, having done presentations to the FBI, NASA, the NSA, and at various industry conferences.

In this episode, we discuss remote workers in the Covid-19 pandemic, validating VPN targets in pen tests, cloud security, developing SANS course material, how to choose what to give away, planning conferences, threat hunting, keeping up with new vulnerabilities, mental health, and so much more.